CA9-98-030 



Amendments to the Claims; 

This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 

Claim 1 (previously amended) 

Claim 2 (previously amended) 

Claim 3 (previously amended) 

Claim 4 (original) 

Claim 5 (previously amended) 

Claim 6 (previously amended) 

Claim 7 (currently amended) 

Claim 8 (original) 

Claim 9 (previously amended) 

Claim 10 (original) 

Claim 1 1 (original) 

Claim 12 (previously amended) 

Claim 13 (previously amended) 

Claim 14 (previously amended) 

Claim 15 (original) 

Claim 16 (original) 

Claim 17 (previously amended) 

Claim 18 (original) 

Claim 19 (original) 

Claim 20 (original) 
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Claim 21 (original) 

Claim 22 (previously amended) 

Claim 23 (previously amended) 

Claim 24 (previously amended) 

Claim 25 (original) 

Claim 26 (original) 
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Amendments to the Claims: 

1. (Previously Amended) 

A secure electronic data storage and retrieval system with the electronic 
data stored therein maintained secure from the repository manager, comprising: 

a data repository; 

a repository manager for managing storage and retrieval of encrypted 
electronic data of a depositing computer into and out of the data repository; 

an agent program of the depositing computer, accessible to the repository 
manager whether the depositing computer is online or off-line, the agent 
program having means in an environment secure from the repository manager 
to decrypt, on authentication of a requesting computer, the encrypted electronic 
data of the depositing computer retrieved from the data repository on request of 
the requesting computer. 

2. (Previously Amended) 

The system, according to claim 1, where the repository manager is further 
adapted to digitally sign the encrypted electronic data prior to storage in the 
data repository, and to forward a copy of the signed encrypted data to the agent 
program of the depositing computer, and wherein the agent program of the 
depositing computer is adapted to verify in the environment secure from the 
repository manager against the signed encrypted data, the retrieved encrypted 
electronic data following decryption. 
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3. (Previously Amended) 

The system, according to claim 2, wherein the agent program is further 
adapted to forward the decrypted electronic data directly from the environment 
secure from the repository manager to the requesting computer without 
providing access to the repository manager. 

4. (Original) 

The system, according to claim 3, wherein the agent program is a secure 
extension of the depositing computer and is adapted to manage 
communications between the depositing computer and the repository manager. 

5. (Previously Amended) 

The system, according to claim 4, further comprising a server having 
communication links with the repository manager, the depositing computer and 
the requesting computer, the server housing: 

the agent program of the depositing computer and the environment secure 
from the repository manager; 

a second environment comprising a secure extension of the repository 
manager, said second environment adapted to manage communications to and 
from other environments on the server with the repository manager; and 

at least a third environment comprising a secure extension of the 
requesting computer, said third environment adapted to manage 
communications to and from other environments on the server with the 
requesting computer. 
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6. (Previously Amended) 

The system, according to claim 5, wherein the agent program of the 
depositing computer comprises means to encrypt and digitally sign electronic 
data received from the depositing computer, and to forward the encrypted 
electronic data and signature to the repository manager for storage in the 
depositing computers data repository. 

7. (Previously Amended) 

A process for authenticating user access to electronic data stored in a 
data repository secure from a repository manager unrelated to a source of the 
electronic data, comprising: 

associating an access control list of user authorizations with the 
electronic data when stored in the data repository in an environment secure 
from the repository manager; 

effecting updates to the access control list only from the source of the 
electronic data; 

storing the updated access control list with the electronic data stored in 
the data repository in an environment secure from the repository manager; 

storing evidence of the updated access control list at the source of the 
electronic data and at any user computer to have effected the update; and 

verifying accuracy of the updated access control list stored with the 
electronic data in the data repository with the evidence stored at the source 
before releasing the electronic data to a requesting authorized user. 
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8. (Original) 

The process, according to claim 7, wherein the step of effecting updates 

to the access control list comprises: 

identifying a revision level of the updated access control list; and 
associating a current time stamp with the updated access control list, 

and wherein the step of storing evidence comprises: 

creating a token of the revision level and current time stamp; and 
storing the token at every user with access to the electronic data in the 

data repository. 

9. (Previously Amended) 

The process of claim 8, further comprising: 

attaching the token to the updated access control list to form a data 
structure; 

digitally signing the data structure; and 

storing the signed data structure with the updated access control list in 
the data repository and at the source, and wherein the step of verifying 
accuracy of the updated access control list comprises: 

verifying decrypting the data structure signature at the source; and 
comparing the verified data structure with the updated access control list 
retrieved from the data repository. 
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10. (Original) 

The process of claim 8, wherein the step of storing evidence further 
comprises: 

digitally signing the token; and 
storing the signed token at the source. 

11. (Original) 

The process of claim 10, further comprising: 

forwarding the digitally signed token to a user authorized by the source to 
update the access control list; and 

on presentation of the digitally signed token by the user authorized to 
update the access control list, 

verifying the token signature at the source; and 

comparing the verified token with the revision level and current time 
stamp associated with the updated access control list retrieved from the data 
repository. 

12. (Previously Amended) 

A process for secure storage and retrieval of electronic data in a remote 
data repository, comprising: 

digitally signing the electronic data at source; 

encrypting the electronic data at the source; 

forwarding the encrypted electronic data to the data repository; 

digitally signing the encrypted electronic data at the data repository to 
produce a deposit receipt; 



SN 09/459,239 



9 



CA9-98-030 



storing the encrypted electronic data and deposit receipt in the data 
repository in an environment free of access by the data repository manager; and 

returning a copy of the deposit receipt to the source. 

13. (Previously Amended) 

The process, according to claim 12, further comprising: 
receiving a request from a requesting user, for access to the stored 
electronic data; 

retrieving the encrypted electronic data and forwarding the retrieved data 
to the source; 

verifying the requesting user as authorized to access the electronic data; 

and 

if verified, decrypting the retrieved data and sending it directly to the 
requesting user without providing access to the data repository manager. 

14. (Previously Amended) 

The process, according to claim 13, further comprising: 

associating an access control list of user authorizations with the 

electronic data when stored in the data repository in the environment free of 

access by the depository manager; 

effecting updates to the access control only list from the source of the 

electronic data; 

storing the updated access control list with the electronic data stored in 
the data repository; and 
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storing evidence of the updated access control list at the source and at 
every user with authorized access to the electronic data in the data repository in 
areas free from access by the depository manager. 

15. (Original) 

The process, according to claim 14, wherein the step of verifying the 
requesting user as authorized comprises locating the requesting user on the 
updated access control list. 

16. (Original) 

The process, according to claim 15, further comprising the step of 
verifying accuracy of the updated access control list stored with the electronic 
data in the data repository with the evidence stored at the source before 
releasing the electronic data to the requesting user. 

17. (Previously Amended) 

A computer program product on a computer usable medium for 
authenticating user access to electronic data stored in a data repository secure 
from a repository manager unrelated to a source of the electronic data, said 
computer program product comprising: 

computer software for associating an access control list of user 
authorizations with the electronic data when stored in the data repository in 
an environment secure from the repository manager; 

computer software for effecting updates to the access control list from the 
source of electronic data; 
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computer software for storing the updated access control list with the 
electronic data stored in the data repository in an environment secure from the 
repository manager; 

computer software for storing the evidence of the updated access control 
list at the source of the electronic data and at any user computer to have 
effected the update; and 

computer software for verifying accuracy of the updated access control 
list stored with the electronic data in the data repository with the evidence 
stored at the source before releasing the electronic data to a requesting 
authorized user. 

18. (Original) 

The program product of claim 17, wherein the computer software for 
effecting updates to the access control list comprises: 

computer software for identifying a revision level of the updated access 
control list; and 

computer software for associating a current time stamp with the updated 
access control list, and wherein the step of storing evidence comprises: 

computer software for creating a token of the revision level and current 
time stamp; and 

computer software for storing the token at every user with access to the 
electronic data in the data repository. 
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19. (Original) 

The program product of claim 18, further comprising: 

computer software for attaching the token to the updated access control 
list to form a data structure; 

computer software for digitally signing the data structure; and 

computer software for storing the signed data structure with the updated 
access control list in the data repository and at the source, and wherein the 
software for verifying accuracy of the updated access control list comprises: 

computer software for verifying decrypting the data structure signature at 
the source; and 

computer software for comparing the verified data structure with the 
updated access control list retrieved from the data repository. 

20. (Original) 

The program product of claim 18, wherein the computer software for 
storing evidence further comprises: 

computer software for digitally signing the token; and 
computer software for storing the signed token at the source. 

21. (Original) 

The program product of claim 20, further comprising: 

computer software for forwarding the digitally signed token to a user 
authorized by the source to update the access control list, and 

on presentation of the digitally signed token by the user authorized to 
update the access control list, 

verifying the token signature at the source; and 
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comparing the verified token with the revision level and current time 
stamp associated with the updated access control list retrieved from the data 
repository. 

22. (Previously Amended) 

A computer program product on a computer for secure storage and 
retrieval of electronic data in a remote data repository, comprising: 

computer software for digitally signing the electronic data at source; 

computer software for encrypting the electronic data at the source; 

computer software for forwarding the encrypted electronic data to the 
data repository; 

computer software for storing the encrypted electronic data and deposit 
receipt in the data repository in an environment free of access by the data 
depository manager; and 

computer software for returning a copy of the deposit receipt to the 
source. 

23. (Previously Amended) 

The program product according to claim 22, further comprising: 

computer software for receiving a request from a requesting user, for 
access to the stored electronic data; 

computer software for retrieving the encrypted electronic data and 
forwarding the retrieved data the source; 

computer software for verifying the requesting user as authorized to 
access the electronic data; and 
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computer software product for decrypting the retrieved data when 
verified and sending it directly to the requesting user without providing access 
to the data repository manager. 

24. (Previously Amended) 

The computer program product according to claim 18, further comprising: 

computer software for associating an access control list of user 
authorizations with the electronic data when stored in the data repository in an 
environment free of access by the depository manager; 

computer software for effecting updates to the access control list only 
from the source of the electronic data; 

computer software for storing the updated access control list with the 
electronic data stored in the data repository; and 

computer software for storing evidence of the updated access control list 
at the source and at every user with authorized access to the electronic data in 
the data repository in areas free from access by the depository manager. 

25. (Original) 

The computer program product according to claim 24, wherein the 
computer software for verifying the requesting user as authorized comprises 
computer software for locating the requesting user on the updated access 
control list. 
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26. (Original) 

The computer program product according to claim 25, further comprising 
computer software for verifying accuracy of the updated access control list 
stored with the electronic data in the data repository with the evidence stored at 
the source before releasing the electronic data to the requesting user. 
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